osviews home
osRadioosBuyer
osLinksContactFAQSearchOpen ContentAdvertiseGet Published
Apple Mac viewsNIX ViewsOther OS ViewsWin MS Views
Login
 Username
 Password
 Remember me


 Log in Problems?
 New User? Sign Up!

Main Menu

User Tools
· Top 100 List
· Members
· Check/Send Messages

Advertisement

Advertisement

Todays Big Story
Today's most read story is:

Tired of supporting friends' computers? Migrate them to GNU/Linux

Past Articles
Friday, April 29
· Sun makes light of Microsoft apps (1)
· Doom 4: End of the Game Industry? (2)
· The Historical and Philosophical Foundations of IT (0)
Thursday, April 28
· TigerDirect Sues Apple Over New OS (2)
· Mozilla's browsers global usage share is 8.69 percent (0)
· Does Microsoft MSN search favour sites using their own software? (1)
· Java in OpenOffice.org: Proprietary Trap or Creative Commons? (0)
· Free software can resurrect 64-bit dinosaurs (0)
· Ars Technica Reviews Mac OS X 10.4 Tiger (0)
· PC-BSD - a user-friendly BSD system (1)
  Older Articles




This is Topic: Security
Following are the News Items published under this Topic.


Apple - Mac: Apple Mythology and Desktop Security
Security Two weeks ago theregister.co.uk summarized an analysis (done by Quocirca) of reader response to questions on Linux desktop migration.

To no one's surprise, the study found that business people cite the opportunity to sidestep the insecurity of the Microsoft PC, not cost savings, as the primary reason for considering desktop Linux. Most respondents agreed, furthermore, that the high cost of matching Windows applications, particularly Microsoft Office and custom applications, is the greatest barrier to change.
Published Apr 21, 2005 - 07:52 PM
comments? Send this story to a friend Printer friendly page

PowerPC Gives Edge to Security ...
Security Some developers claim that the PowerPC, a general-purpose microprocessor that was designed by IBM and Motorola Inc. and that Apple Computer Inc. has long used in its Macintosh systems, has distinct advantages when it comes to security monitoring and management over, say, Intel Corp.'s CPUs. In part, that's because of the PowerPC's more liberal caching scheme, says Dave Lapp, chief technology officer at Seaway Networks Inc.
Published Apr 18, 2005 - 07:33 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft silent over IP vulnerability claims
Security A researcher who found a vulnerability that affects networking products from Cisco, Juniper and IBM now says most versions of Microsoft Windows are also vulnerable.

Microsoft has refused to comment over allegations that computers running its Windows operating system are affected by a serious vulnerability in one of the Internet's underlying technologies.
Published Apr 15, 2005 - 01:38 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft Dusts Off 'Palladium' Security for Longhorn
Security Unlike last year's Longhorn Windows Hardware Engineering Conference preview build, this year's will include the first pieces of Microsoft's built-in Windows security system.

That system—originally code-named "Palladium," (and more recently, "Next-Generation Secure Computing Base," or NGSCB)—has been one of the most controversial of the planned Longhorn components, since Microsoft first detailed it in 2003.
Published Apr 15, 2005 - 10:27 AM
1 Comment Send this story to a friend Printer friendly page

Win - MS: Microsoft issued info on 8 new security updates
Security On Tuesday, April 12, Microsoft issued information on eight new security updates. Symantec Security Response has identified the following five vulnerabilities as the most serious:

..."It is important that both home users and enterprises take proactive steps to deploy these patches," said Oliver Friedrichs, senior manager, Symantec Security Response. "The vulnerabilities announced by Microsoft today can result in broad exposure to blended threats and worms, as well as denial of service attacks. "
Published Apr 13, 2005 - 11:05 AM
comments? Send this story to a friend Printer friendly page

*NIX - UNIX: Linux servers praised for security
Security A recent Yankee Group report may have incensed Linux devotees on some counts, but it did conclude that Linux is more secure than Windows. That finding that is now backed up by a new survey of software development managers

Software development managers rate Linux significantly higher than Windows server products for security, according to the latest research.
Published Apr 12, 2005 - 12:33 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Fewer Permissions Are Key to Longhorn Security
Security Software engineers who attend Microsoft's annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run.

But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model called Least-Privilege User Account, or LUA.
Published Apr 08, 2005 - 01:56 PM
2 Comments Send this story to a friend Printer friendly page

Biggest security threat is vocabulary?
Security Every now and again someone sits up to tell us that the problem with technology is that it's too complicated, and that people don't understand it. One facet of the discussion is always the issue of jargon. Was ist... ahch tee tee pee? The BBC is pointing to a study that says "geek speak" problem is ultimately making the Internet experience less secure.
Published Apr 06, 2005 - 05:38 PM
comments? Send this story to a friend Printer friendly page

Win - MS: 'High Risk' Flaws Found in IE, Outlook
Security A pair of newly discovered security flaws in Microsoft's Internet Explorer and Outlook programs could put millions of users at risk of code execution attacks, a private research outfit warned Thursday.

The vulnerabilities were reported to Microsoft Corp. by private research outfit eEye Digital Security, and basic details on the risks and the affected products have been released on eEye's upcoming advisories Web page.
Published Apr 01, 2005 - 11:00 AM
4 Comments Send this story to a friend Printer friendly page

Win - MS: Failed fixes haunt credibility of Microsoft's Trustworthy Computing Initiative
Security TruSecure Corp. senior scientist Russ Cooper, who is also the founder and editor of the NTBugtraq mailing list, has published a report that details how a nearly eight-year-old denial-of-service (DoS) vulnerability has resurfaced in Windows XP (including SP2) and Windows Server 2003 long after Microsoft originally fixed the problem.

...The vulnerability according to Cooper, leaves Microsoft's desktop and server operating systems open to a DoS exploit known as a "Land attack" that he says can crash a system.
Published Mar 31, 2005 - 07:00 PM
5 Comments Send this story to a friend Printer friendly page

Apple - Mac: Joke of the month: Gartner warns of Mac OS X 'spyware infestation' potential
Security Gartner's warning basically is saying that "Mac OS X users have no problems, but don't think that the threat doesn't exist. Nobody bought Symantec's load of ---- last week, so we're going to have to try to scare everyone about the potential for, ummm, let's see... 'Mac OS X spyware infestations,' yeah, yeah, that sounds good... before people go get crazy ideas like dumping their porous, insecure Windows boxes for Macs." More FUD. And the more FUD you see, the more Apple's Mac platform is denting the Wintel-centric universe.
Published Mar 30, 2005 - 02:39 PM
2 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Said to Have New Security Plans
Security Microsoft's next operating system, code-named Longhorn, will feature a new personal data repository, according to a news report Monday.

The service, called Info-cards, would reside on the user's PC and aggregate personal information like names, credit card numbers and mailing addresses, and will allow people to use them when they shop or conduct business online, Microsoft executives said in a Wall Street Journal report.
Published Mar 29, 2005 - 10:19 AM
comments? Send this story to a friend Printer friendly page

Win - MS: Linux Lags Windows in New Security Report
Security A report released today indicates Windows Server 2003 may actually be more secure than its most popular Linux competitor when it comes to vulnerabilities and the time it takes to patch them.

But well before the paper's official release, members of the IT security community have questioned the comparison, with some slamming the researchers' methodology and others the Microsoft connection--the software giant funded the research behind the favorable findings.
Published Mar 22, 2005 - 01:26 PM
2 Comments Send this story to a friend Printer friendly page

Win - MS: Drop In Bots Due To Windows XP SP2, Says Symantec
Security Microsoft's rollout of Windows XP SP2 in August 2004 was the most likely reason the number of bots actively involved in scanning dropped precipitously in the second half of 2004, said Symantec in a report the security company released Monday.

Although Symantec's claim that bots are on the downturn contradicts recent research by the Honeynet Project, which last week said that as many as a million machines may be kidnapped by botnets, the Cupertino, Calif.-based company made a compelling case.
Published Mar 21, 2005 - 04:02 PM
3 Comments Send this story to a friend Printer friendly page

Apple - Mac: Symantec: Mac OS X a hacker target
Security Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors.

In its seventh bi-annual Internet Security Threat Report, Symantec said over the past year, security researchers had discovered at least 37 serious vulnerabilities in the Mac OS X system.
Published Mar 21, 2005 - 09:17 AM
12 Comments Send this story to a friend Printer friendly page

Win - MS: Study says over 1m Windows PCs compromised
Security A study by the German Honeynet Project estimates that over a million internet-connected computers, the majority of which are running Windows XP and Windows 2000, are infected with bots and can be harnessed by crackers to launch attacks.

The group said that once an attacker had compromised a machine, he or she normally installed an IRC (internet relay chat) bot - also called a zombie or drone - on it.
Published Mar 20, 2005 - 03:07 AM
5 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Security Practice Raises Fears
Security Microsoft Corp. is giving early versions of its software security patches to the U.S. Air Force and other organizations, a practice some experts fear could give rogue hackers important details about how to break into unprotected computers on a massive scale.
Published Mar 14, 2005 - 11:52 AM
4 Comments Send this story to a friend Printer friendly page

Win - MS: Vigilante & Control-Flow Integrity: New security approaches from Microsoft
Security Microsoft Research is showing off prototypes for two security projects aimed at containing zero-day Internet worms and thwarting malicious code execution attacks.

At the company's annual TechFest event in Redmond, Wash., Microsoft Corp. engineers presented the first glimpse of a new technology code-named Vigilante that proposes a brand-new approach to automate worm containment.
Published Mar 09, 2005 - 04:20 PM
3 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Researchers Target Worms, Buffer Overruns
Security Microsoft researchers showed off some forward-looking technologies this week, including new ways to protect systems against Internet worms, prevent hacker attacks, and measure available bandwidth on home networks.

At its fifth annual TechFest, Microsoft Research presented about 150 projects here at the company's headquarters. The event was expected to attract about 6000 Microsoft employees. Its main purpose is to promote the exchange of ideas, or "tech transfers," between Microsoft Research and product teams at the software maker.
Published Mar 04, 2005 - 04:05 PM
7 Comments Send this story to a friend Printer friendly page

Win - MS: MS security is a conflict of interest, says Gartner
Security Gartner has criticised Microsoft's plans to develop anti-virus and anti-spam add-ons for its software products.

The analyst group said Microsoft's move, announced last month, could represent a conflict of interest. It urged Microsoft to improve the security and quality of its software rather than building add-on security features to patch insecure applications.
Published Mar 01, 2005 - 03:10 PM
11 Comments Send this story to a friend Printer friendly page

Win - MS: Has Microsoft killed off its secure computing architecture?
Security Microsoft's silence on its Next-Generation Secure Computing Base (NGSCB) architecture has some industry insiders wondering if the technology has been substantially delayed, or even axed.

Microsoft unveiled NGSCB, formerly known as Palladium, in 2002. The technology, Microsoft has said, uses a combination of software and hardware that boosts PC security by providing the ability to isolate software so it can be protected against malicious code.
Published Feb 24, 2005 - 10:50 AM
3 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft's security complex
Security Microsoft's security strategy is hard to understand. This may be because it doesn't exist. Microsoft's new-found devotion to security hasn't been doing too well. Malware of all kinds flourishes, patches are issued in considerable numbers -- eleven so far this month -- and far from reaping a peace dividend from more secure, easier to maintain software the company has been out buying anti-virus and anti-spyware vendors. Why has Microsoft's multi-billion dollar research division not come up with a way to protect the company's own vulnerable software?
Published Feb 18, 2005 - 01:11 PM
comments? Send this story to a friend Printer friendly page

Win - MS: RSA: Microsoft on 'rootkits': Be afraid. Be very afraid.
Security Microsoft security researchers are warning about a new generation of powerful system monitoring programs, or "rootkits," that are almost impossible to detect using current security products and that could pose a serious risk to corporations and individuals.

The researchers Tuesday discussed the growing threat posed by kernel rootkits at a session at the RSA Security Conference in San Francisco. The malicious snooping programs are becoming more common and could soon be used to create a new generation of mass-distributed spyware and worms.
Published Feb 17, 2005 - 02:45 PM
3 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Fesses Up To 19 Vulnerabilities, MSBlast-Level Worm Likely
Security Microsoft Tuesday released its largest group of security patches in nearly a year as it posted 12 security bulletins encompassing 19 vulnerabilities, 14 of which it marked "Critical," its highest warning.

Among them is a vulnerability that will likely lead to the biggest, baddest worm since mid-2003, said Mike Murray, the director of research at vulnerability management vendor nCircle
Published Feb 08, 2005 - 08:41 PM
comments? Send this story to a friend Printer friendly page

Win - MS: 'Serious' Microsoft Office Encryption Flaw Uncovered
Security Cryptography expert Phil Zimmermann says he believes a flaw recently discovered in Microsoft Office's Word and Excel encryption is serious and warrants immediate attention.

"I think this is a serious flaw--it is highly exploitable. It is not a theoretical attack," says Zimmermann, referring to a flaw in Microsoft's use of RC4 document encryption unearthed recently by a researcher in Singapore.
Published Jan 27, 2005 - 09:14 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft admits new Windows vulnerability
Security The security patch Microsoft recently released against a flaw in the HTML Help ActiveX part of Windows does not address a newly discovered hole in the system.

Users of Windows XP are vulnerable, even if they are using fully patched versions of Service Pack 1. Windows 2000 running a fully patched Service Pack 4 are also at risk from the vulnerability which could allow a hacker to place malicious code, including spyware, on a system.
Published Jan 26, 2005 - 01:54 PM
comments? Send this story to a friend Printer friendly page

Unpatched Linux Systems Last Longer than Windows
Security The Honeypot Project has added fuel to the debate over which is more secure—Linux or Windows—with findings that unpatched Linux systems can be on the Internet for months before being successfully attacked while Windows systems have been compromised in as little as hours.

The international non-profit security organization—with members from security companies like Foundstone Inc., Counterpane Internet Security Inc. and SecurityFocus—did not set out to show that Linux is more secure than Windows. Instead, the group set out to ask the question: "Why is no one hacking Linux anymore?"
Published Jan 19, 2005 - 02:49 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft urges PC users to get secure
Security More than two-fifths of PC users fell victim to a computer virus during the last 12 months, a Microsoft survey reveals.

Almost a quarter of PC users suffered an attack from other internet security threats such as spyware, phishing and online banking fraud.
Published Jan 18, 2005 - 05:22 PM
7 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft resorts to bugs-as-features logic of yesteryear
Security Microsoft is reliving old times by claiming that problems with its software aren't problems but legitimate features. Twice in the past few days, the software giant has disputed claims by security experts that they have found security holes. Instead, it says, the experts have mistaken perfectly normal processes for vulnerabilities.

An advistory on an unpatched hole in Explorer - found on Friday by security consultant Rafel Ivgi - was "inaccurate and misleading" according to Microsoft. Ivgi said the browser fails to warn a user about the installation of malicious code on their system. Microsoft says it does.
Published Jan 17, 2005 - 12:23 PM
1 Comment Send this story to a friend Printer friendly page

Win - MS: Windows Media Player will not change the way it handles DRM licenses
Security Microsoft Corp. says it has no plans to change the way its Windows Media Player handles the download of DRM licenses.

Amid reports that malicious hackers are using the anti-piracy mechanism to infect computers with spyware, adware, dialers and computer viruses, Microsoft officials stressed that the latest attack scenario does not exploit a vulnerability in the software.
Published Jan 14, 2005 - 04:04 PM
1 Comment Send this story to a friend Printer friendly page

*NIX - UNIX: Torvalds Criticizes Security Approaches
Security Linux creator Linus Torvalds had a few things to say this week about the way potential security issues are disclosed to fellow open sourcers. And it wasn't all good.

His comments came as part of a mailing list discussion among kernel developers about creating a security contact point for people to use when potential kernel security issues arise.
Published Jan 14, 2005 - 11:42 AM
1 Comment Send this story to a friend Printer friendly page

Win - MS: Microsoft issues 'critical' security patches
Security Microsoft Corp. warned Windows users Tuesday of two new "critical" level security flaws in its software that could allow attackers to take control of a computer and delete or copy information.

The world's largest software maker issued patches to fix the problems as part of its monthly security bulletin, which affects the Windows operating system and the Internet Explorer Web browser.
Published Jan 11, 2005 - 05:39 PM
3 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Readies 'A1' Security Subscription Service
Security Publicly, Microsoft continues to be cagey about packaging and pricing plans for its anti-spyware and anti-virus solutions. But privately, Microsoft has begun informing partners of its plans for a security subscription service code-named "A1," according to developers who requested anonymity.
Published Jan 04, 2005 - 04:05 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Windows Computer Viruses Broke 100,000 In 2004
Security The last 12 months have seen a dramatic growth in almost every security threat that plague Windows PCs. The count of known viruses broke the 100,000 barrier and the number of new viruses grew by more than 50%.

Similarly phishing attempts, in which conmen try to trick people into handing over confidential data, are recording growth rates of more than 30% and attacks are becoming increasingly sophisticated. Also on the increase are the number of networks of remotely controlled computers, called bot nets, used by malicious hackers and conmen to carry out many different cyber crimes.
Published Dec 29, 2004 - 02:33 PM
3 Comments Send this story to a friend Printer friendly page

Win - MS: Three serious Windows flaws lack patches
Security Users should stay away from untrusted Web sites and e-mails from unfamiliar sources to avoid becoming victims of an attack aided by three serious security holes in Windows, security firms warned over the weekend.

An attacker could exploit the unpatched vulnerabilities to cause a denial of service and launch spyware or other malicious code, according to Symantec Security Response and Danish security firm Secunia, which called the problems "highly critical."
Published Dec 27, 2004 - 11:07 AM
8 Comments Send this story to a friend Printer friendly page

Win - MS: Experts warn of new Windows vulnerabilities
Security Symantec's Security Response has issued a warning about three new "serious" vulnerabilities discovered in the Windows operating system.

"We believe these threats to be serious, especially given the time of year that they have been discovered," said Alfred Huger, senior director of Symantec Security Response.
Published Dec 24, 2004 - 11:50 AM
2 Comments Send this story to a friend Printer friendly page

*NIX - UNIX: Linux lasting longer against Net attacks
Security Unpatched Linux systems are surviving longer on the Internet before being compromised, according to a report from the Honeynet Project released this week.

The data, from a dozen networks, showed that the average Linux system lasts three months before being compromised, a significant increase from the 72 hours lifespan of a Linux system in 2001. Unpatched Windows systems continue to be compromised more quickly, sometimes within minutes, the Honeynet Project report stated.
Published Dec 22, 2004 - 05:08 PM
6 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Drops Ball on Patch Notification
Security Microsoft released six new security patches in December, but only five official Security Bulletins. For some strange reason a patch released on the same day as the normal monthly patches -- for Windows XP SP2 only -- didn't rate a full Security Bulletin.

Instead, Microsoft Knowledge Base article 886185, was quietly created and the patch pushed via Windows Update alone. This is precisely the sort of action that many people grumbled about when Automatic Updates was turned on in XP SP2 back in August; the fear that they would receive silent updates without explanation.
Published Dec 21, 2004 - 03:53 PM
2 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft issues 'critical' XP patch
Security Microsoft released a "critical" fix on Thursday for a security issue left unresolved by the Windows XP Service Pack 2.

The configuration change closed a hole in the Windows firewall settings that could open up PCs to attack if the machines had been set to share files or a printer with the local network
Published Dec 17, 2004 - 02:53 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft monthly bulletin includes five new warnings
Security Microsoft released five security bulletins on Tuesday  as part of its monthly update cycle, warning of vulnerabilities that put computers running Windows at risk of attack.

The flaws affect desktop as well as server installations of multiple Windows versions. However, none are rated "critical," Microsoft's highest severity rating.
Published Dec 15, 2004 - 09:30 AM
comments? Send this story to a friend Printer friendly page

Win - MS: WALTER S. MOSSBERG: Security Issues Plague Windows-Based PCs, Impairing Ease of Use
Security This year's big move by Microsoft was to release a massive security fix for Windows XP. This patch, called SP2, closed some of the holes in Windows that had been exploited by the criminals. But SP2 didn't include the capability to specifically detect, block or remove viruses, spyware and spam. Its firewall, aimed at barring intruders, is inferior to others on the market. And its built-in "Security Center" does almost nothing to enhance security.
Published Dec 09, 2004 - 11:55 AM
comments? Send this story to a friend Printer friendly page

*NIX - UNIX: Mac and Linux Not Immune to Viruses
Security Any operating system in the hands of naive users can be as dangerous as a Windows computer.

It's easy for administrators and computing professionals to get frustrated with users for all kinds of reasons, but security has to be one of the biggest reasons these days.
Published Dec 06, 2004 - 07:59 PM
17 Comments Send this story to a friend Printer friendly page

Apple - Mac: Apple releases security update to Mac OS X
Security Apple Computer published an update to its Mac OS X operating system Thursday, closing 17 security holes in open-source and proprietary components.

The advisory and patch addressed five vulnerabilities in the Apache Web server included with the operating system, as well as two flaws in the mail servers used by Mac OS X. Apple also fixed two flaws in the company's Safari Web browser and another problem with the QuickTime media server.
Published Dec 03, 2004 - 11:07 AM
comments? Send this story to a friend Printer friendly page

Corporate PCs 'riddled with spyware'
Security Corporate systems are riddled with spyware, according to a study by an anti-spyware firm. Companies voluntarily using Webroot's Corporate SpyAudit tool had an average of 20 nasties per PC, Webroot reports.

Most of the items found were harmless cookies. But average five per cent of the PCs scanned had system monitors and 5.5 per cent had Trojan horse programs, the two most nefarious and potentially malicious forms of spyware.
Published Dec 02, 2004 - 01:20 PM
3 Comments Send this story to a friend Printer friendly page

Automated ''Bots'' Overtake PCs Without Firewalls Within 4 Minutes
Security Avantgarde today released a study that showed that automated "bots," worms and other threats pummeled six computer platforms over a two-week period with 305,955 total attacks. Results also revealed that an inadequately protected computer fell victim to an actual compromise within four minutes of first plugging into the Internet.
Published Nov 30, 2004 - 11:07 AM
4 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft emphasises security problems
Security The head of Microsoft Australia has labelled security "the biggest threat to the growth of our company and our industry overall" amid a raft of indications the software heavyweight is struggling to stay on top of the area.

Steve Vamos told attendees at an Australian Information Industry Association event in Adelaide yesterday the security issue was "essentially... the only thing that can stop us, in terms of really getting back on track in terms of driving growth in the industry".
Published Nov 24, 2004 - 01:14 PM
comments? Send this story to a friend Printer friendly page

Win - MS: US Air Force's security to depend on Microsoft
Security The US Air Force (USAF) is drafting Microsoft to help simplify its networks and software contracts, a move that could improve its computer security and deliver savings of $100m.

The USAF is consolidating its 38 software contracts and nine support contracts with Microsoft into two all-encompassing, agency-wide agreements, according to a statement seen by silicon.com sister site CNET News.com.
Published Nov 22, 2004 - 03:58 PM
4 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft scoffs at '10 new XP SP2 flaws'
Security Security firm Finjan has found 10 flaws in Windows XP SP2 - while Microsoft is saying the warnings are over the top.

According to the security company, the flaws mean that "attackers can silently and remotely take over an SP2 machine when the user simply browses a web page".
Published Nov 12, 2004 - 11:26 AM
comments? Send this story to a friend Printer friendly page

*NIX - UNIX: Linux more secure than Windows says study
Security Another Brown study in the Windows vs Linux security debate claims to prove that the Mighty Vole fudged things when it claimed that its software was more secure than Linux.

The study, compiled by tech journalist Nicholas Petreley concludes that Microsoft's "Get The Facts" campaign does not deal with the "real facts."
Published Oct 27, 2004 - 11:59 AM
1 Comment Send this story to a friend Printer friendly page

Win - MS: Hackers are getting smarter, says Ballmer
Security At Gartner Symposium ITXPO, Microsoft Chief Executive, Steve Ballmer touched on quite a few topics that are targeted towards Microsoft's end consumers. One of the most important questions that Ballmer touched upon was - how come Microsoft products aren't completely secure? As a response to that question, he said, hackers are getting smarter everyday and it is potentially impossible to fix every single bug in the thousands of lines of code in its operating systems.
Published Oct 22, 2004 - 03:16 PM
7 Comments Send this story to a friend Printer friendly page

Win - MS: IE Exploit Lets Attackers Plant Programs on SP2
Security A security researcher has discovered a new exploit for Microsoft Corp.'s Windows XP Service Pack 2 that allows programs to be planted and executed on fully-patched systems.

The researcher, known as http-equiv and operator of the malware.com Web site, discovered a weakness in the local security zone of Internet Explorer which, through the use of the HTML Help control, allows security restrictions in the zone to be bypassed.
Published Oct 20, 2004 - 04:23 PM
1 Comment Send this story to a friend Printer friendly page

Win - MS: Security chief quits Microsoft
Security Stuart Okin, the public face of Microsoft UK's security work, has resigned from the software giant.

In an email sent by Okin on Wednesday afternoon and seen by ZDNet UK, he revealed he was "moving on to pastures new" after eight years at Microsoft.
Published Oct 14, 2004 - 06:24 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft warns of a score of security flaws
Security Microsoft published 10 software security advisories on Tuesday, warning Windows users and corporate administrators of 22 new flaws that affect the company's products.

The advisories, and patches published with the bulletins, range from an "important" flaw affecting only Microsoft Windows NT Server to a collection of eight security holes, including three rated "critical," that leave Internet Explorer open to attack. Microsoft's highest severity rating for software flaws is its "critical" ranking, while "important" is considered slightly less severe.
Published Oct 12, 2004 - 04:02 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft delays IM beta over security concerns
Security The security concern stems from a feature called "winks," essentially Flash-based animated buddy icons with sound effects that users can send one another. Apparently hackers can exploit the hole to send their own unauthorized winks to people, causing a "security problem" for the recipient, a Microsoft representative said.

Because of this discovery, Microsoft will pull the winks feature when it releases the MSN Messenger 7.0 beta next week. The software giant had planned to release the beta this week.
Published Oct 07, 2004 - 04:58 PM
comments? Send this story to a friend Printer friendly page

CyberCzar To Gov't: I Quit!
Security On the job for barely a year, Yoran's tenure as director of the National Cybersecurity Division (NCSD) was marked by both accomplishment and frustration. The accomplishments included establishment of both a cybersecurity clearing house and the National Cyber Alert System.

The frustrations? Sources commenting on Yoran's departure cited the division's small budget, the director's lack of authority and his difficulty in fostering cross-agency cooperation.
Published Oct 06, 2004 - 02:00 PM
2 Comments Send this story to a friend Printer friendly page

The Future Of Infosec
Security
Contributed by: , CISSP
:: Open Content

Because software is potentially infinitely foul-able it can be said that it is also infinitely insecure. Though cracks in the system are sometimes obvious and thus easily patched, others are only exposed after introducing an element into the security equation that a software developer hadn't anticipated. It's this reason why Infosec (an acronym for information systems security) will continue to be an ever-growing technological field of work. Daniel R. Miessler submitted the following editorial to osOpinion/osViews which explores the intricacies of this relatively new facet of our computer-centric lifestyle and how its changing society.
--
Published Oct 06, 2004 - 01:18 AM
Read more... (19343 bytes more) comments? Send this story to a friend Printer friendly page

Win - MS: Hackers use porn to target Microsoft JPEG hole
Security Malicious hackers are seeding Internet news groups that traffic in pornography with JPEG images that take advantage of a recently disclosed security hole in Microsoft Corp.'s software, according to warnings from antivirus software companies and Internet security groups.

The reports are the first evidence of public attacks using the critical flaw, which Microsoft identified and patched on Sept. 14. Users who unwittingly download the poison images could have remote control software installed on their computers that gives remote attackers total control over the machine, experts warned.
Published Sep 28, 2004 - 05:29 PM
1 Comment Send this story to a friend Printer friendly page

Thousands of zombie PCs created daily
Security The rate at which personal computers are being hijacked by hackers rocketed in the first half of 2004, reveals a new report. An average of 30,000 computers per day were turned into enslaved “zombies”, compared with just 2000 per day in 2003.

US computer security company Symantec says efforts to build so-called "botnets" - networks of zombies used to launch attacks on corporate websites or as anonymous relays for sending out spam - from hacked computers have intensified dramatically in recent months.
Published Sep 24, 2004 - 03:33 PM
comments? Send this story to a friend Printer friendly page

*NIX - UNIX: 'Microsoft will not completely protect you' says Gartner
Security It's official: don't expect Microsoft to completely protect your network. "We've all been part of the biggest beta test the world has ever known -- Windows. Microsoft will not solve all of the security problems, no matter what the richest man in the world says," said Gartner vice president Victor Wheatman in a keynote speech at Gartner's IT Security Summit on Monday.

Wheatman kicked off the conference saying that removing faulty software during operation was costing firms up to 5 percent more than finding flaws during quality assurance tests.
Published Sep 20, 2004 - 12:22 PM
comments? Send this story to a friend Printer friendly page

Apple - Mac: New Apple update protects iChat-ers
Security Apple has released a security update that protects iChat users from malicious applications.

The iChat update means that remote iChat participants can no longer send links that can start programs running if clicked. Instead iChat has been modified so that links of this type will open a Finder window that displays the program instead of running it.
Published Sep 17, 2004 - 11:36 AM
2 Comments Send this story to a friend Printer friendly page

Win - MS: Ballmer Beats Security Drum
Security Microsoft CEO Steve Ballmer believes the software industry will create more positive change in the next 10 years than it did in the previous 10 -- provided that security threats are effectively handled.

"Security is the one issue that could stand in all our ways," Ballmer said in an address to the Massachusetts Software Council today. "To the degree that people don't feel they can rely on [applications] is a major impediment.
Published Sep 01, 2004 - 07:43 PM
11 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft: Hackers Wouldn't Bother To Spoof SP2's Security Center
Security Microsoft on Thursday flatly denied reports that one of Windows XP Service Pack 2's most touted features leaves users open to possible attacks. In effect, hackers have better things to do, Microsoft said.

According to one outside analysis, SP2's Windows Security Center, the dashboard-like console that monitors and reports on the status of various security defenses -- from firewalls to anti-virus software -- can be spoofed by hackers into displaying false information, such as an enabled firewall or a even a totally bogus anti-virus package supposedly protecting the PC.
Published Aug 26, 2004 - 04:32 PM
3 Comments Send this story to a friend Printer friendly page

Common Security Algorithms...Not so secure!
Security Encryption circles are buzzing with news that mathematical functions embedded in common security applications have previously unknown weaknesses.

The excitement began Thursday with an announcement that French computer scientist Antoine Joux had uncovered a flaw in a popular algorithm called MD5, often used with digital signatures. Then four Chinese researchers released a paper that reported a way to circumvent MD5 and other algorithms.
Published Aug 19, 2004 - 01:25 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Windows easier to 'own'
Security Microsoft has been waiting for security researchers to say that its Windows operating system has a lower total cost of ownership. One finally has, but that's not good news.

David Aitel, a noted security professional and managing director of vulnerability assessment firm Immunity, published a paper stating that "owning" a computer--hacker-speak for compromising a system--is easier if the target computer runs Windows. While couched in puns and jokes, the paper takes a serious stance on the security of Windows compared with modern Linux, Aitel said.
Published Aug 18, 2004 - 02:54 PM
2 Comments Send this story to a friend Printer friendly page

Win - MS: Windows XP SP2 more secure? Not so fast
Security At first glance, the release suggests that Microsoft has finally become serious about upgrading Windows' security. But before you get too excited, let me take a moment to slice through some of the hype coming out of Redmond, Washington. When it comes to eliminating Internet threats, there's still a lot of work yet to be done -- both by Microsoft and by you and me.
Published Aug 17, 2004 - 12:19 PM
1 Comment Send this story to a friend Printer friendly page

osRadio: OSX Security Concerns? osRadio Responds to Securityfocus.com
Security
Contributed by: Kelly McNeill
:: Open Content

Security Focus is a respected citizen within the technology journalism scene. The web site typically publishes insightful and educational news or commentary on computer-related security issues.

However, journalist Daniel Hanson penned an editorial for the site that questioned OSX's security capabilities but based the premise for that piece upon several misleading pieces of information. osRadio's own Kelly McNeill took the time to respond to the article in the following broadcast editorial.
Published Jul 23, 2004 - 03:11 AM
Read more... (687 bytes more) 4 Comments Send this story to a friend Printer friendly page

Cryptography and the Open Source Security Debate
Security
Contributed by: Daniel R. Miessler
:: Open Content

If you follow technology trends, you're probably aware of the two schools of thought with regard to security and/or cryptography. Does cryptography and security solutions become more secure as the number of eyes pouring over its source code increases or is a private solution which leverages security through obscurity provide a more secure environment?

Daniel R. Miessler submitted the following editorial to osOpinion/osViews, which offers some compelling arguments for both scenarios. In the end, his well thought out opinion, comes to a universal conclusion.

--
Published Jul 20, 2004 - 01:03 AM
Read more... (5549 bytes more) 21 Comments Send this story to a friend Printer friendly page

Win - MS: MS Patch Day: 7 Alerts; 2 Critical
Security Microsoft Tuesday released a batch of seven security patches, including two for "critical" vulnerabilities found in the Windows Task Scheduler and HTML Help features.

As part of its monthly patch release cycle, the software giant warned that the Task Scheduler contains a buffer overflow that puts users at risk of computer takeover.
Published Jul 13, 2004 - 05:25 PM
comments? Send this story to a friend Printer friendly page

Win - MS: Microsoft to pitch security as 'competitive advantage'
Security Microsoft Corp. will pitch security as a "competitive advantage" at its worldwide partner conference in Toronto next week, but it may be a tough sell to attendees who are still waiting for the software maker to deliver on some of last year's security-related promises

Microsoft's second annual Worldwide Partner Conference kicks off Sunday. The three-day event is focused on helping its partners to sell more Microsoft products.
Published Jul 09, 2004 - 12:53 PM
2 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft acknowledges that IIS and holes in IE are being used in widespread attacks
Security Microsoft Corp. acknowledged Thursday that Internet Information Server (IIS), a component of the Windows 2000 Server, and holes in the Internet Explorer Web browser are being used in widespread attacks that are compromising Web pages and using them as launching pads for malicious computer code.

The company urged customers to apply the latest security patches for both IIS and the Internet Explorer Web browser and increase the security settings on Internet Explorer browser.
Published Jun 25, 2004 - 06:54 PM
5 Comments Send this story to a friend Printer friendly page

Win - MS: Symantec CEO hits Microsoft security myth
Security Symantec CEO John Thompson has hit out at "the myth" that Microsoft's operating system is inherently less secure than the open-source alternatives, which he likened to a "dead-end alley". However, he still had few kind words for the software giant.

Thompson believes the reason Microsoft is so often seen as culpable for virus outbreaks and security flaws is simply because it is the biggest target--though he admitted that if "things get too homogenized, it is not a good thing"--especially where security is concerned.
Published Jun 02, 2004 - 12:21 PM
5 Comments Send this story to a friend Printer friendly page

Win - MS: Why Windows is a Security Nightmare
Security Security in all mainstream operating systems is non-existent; however, things are especially bad for Windows. Windows happens to be the favorite target of worm and virus writers. Conventional wisdom suggests that the huge installed base of Windows helps spread the worms and viruses, and also makes it a highly attractive target for worm/virus writers. The installed base of Windows certainly has an undeniable effect on the prevalence of malware on Windows, but this is not all there is to it.
Published May 17, 2004 - 02:36 PM
8 Comments Send this story to a friend Printer friendly page

SA Pollie Weighs in About Sasser Worm
Security Politicians are rarely known to speak out about computer worms but South Australian Democrat Ian Gilfillan is not about to let the Sasser worm episode go by without having his say...

'The Sasser worm doesn't affect Apple, Sun, BSD, Unix, or Linux systems. Once again we see governments and businesses around Australia are being slammed by a computer program that exploits weaknesses in one brand of proprietary software'
Published May 06, 2004 - 11:43 AM
9 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Discontinues Next-Generation Security Project
Security After a year of tackling the Windows security nightmare, Microsoft has killed its Next-Generation Secure Computing Base (NGSCB) project and later this year plans to detail a revised security plan for Longhorn, the next major version of Windows, company executives said.

On Tuesday, Microsoft executives confirmed that NGSCB will be canned. The project, dreamed up with Intel in 2002, was once code-named Palladium.
Published May 05, 2004 - 01:25 PM
17 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft's upcoming barrier to entry: Security signatures
Security
Contributed by: Tom Nadeau
:: Open Content

"Operating system security might best be regarded as the new beige. Everybody's doing it... or at least trying. With new devastating viruses poking their heads around the corner every other month or so, it's no wonder security has become the primary topic of discussion around the water cooler lately.

Editorial contributor Tom Nadeau submitted the following editorial to osViews which analyses Microsoft's previous style of "competition" and sees the same trend occurring with software security. He demonstrates that locking out virus prone software is also a strategy for locking out competition."

--
Published May 02, 2004 - 06:11 PM
Read more... (6950 bytes more) 13 Comments Send this story to a friend Printer friendly page

Win - MS: Banks attacked via Windows hole
Security Hackers used a newly published vulnerability in Microsoft's Windows Server platform to attack at least three Australian financial institutions, according to US intrusion detection specialist Internet Security Systems.

ISS Australia managing director Kim Duffy said the company's Global Threat Operations Centre discovered the attacks using the vulnerability last Thursday. ISS has watched the so-called MS04-011 vulnerability with interest since reporting the problem to Microsoft last September through its responsible disclosure program.
Published Apr 27, 2004 - 12:39 PM
comments? Send this story to a friend Printer friendly page

Analyst questions Gates's security claims
Security Joe Wilcox, an analyst with Jupiter Research, commented that Gates "must have a different way of counting", as he claimed Microsoft issued nine critical or important security alerts for Windows Server 2003 compared to 40 for Windows 2000 Server, during both products' first 320 days of release.

"I'd like to know if Mr Gates counted moderate or low alerts, seeing as how Microsoft changed how it rates security problems in between product releases," wrote Wilcox on microsoftmonitor.com, a web publication from the analyst firm.
Published Apr 05, 2004 - 11:31 AM
8 Comments Send this story to a friend Printer friendly page

Linux vs. Windows: Which Is More Secure?
Security In a new report, Is Linux More Secure Than Windows? from Forrester Research Inc., based in Cambridge, Mass., Computing Infrastructures Senior Analyst Laura Koetzle finds that both Windows and Linux can be deployed securely. Microsoft Corp., however, fixes security problems the quickest—which is a good thing, since it also has the most major security holes.

Forrester found that many IT professionals believe that Linux is more secure than Windows, but Koetzle found that the real-world answer is more complicated than that simplistic analysis.
Published Mar 31, 2004 - 01:35 PM
9 Comments Send this story to a friend Printer friendly page

Can Spam and Secure Networks by cutting off International Access
Security
Contributed by: Douglas Chick courtesy of TheNetworkAdministrator.com
:: Open Content

"Does your e-mail in-box get overloaded with so much junk mail that it makes you want to throw your hands up in the air and give up on this form of electronic communication? You're not alone. Laws in several countries have been passed which make the practice of sending spam illegal. Unfortunately the majority of the spam comes from other countries. Editorial contributor Doug Chick submitted the following editorial to osViews which talks about a solution he came upon after speaking with his phone company.
--
Published Mar 16, 2004 - 10:05 AM
Read more... (2959 bytes more) 8 Comments Send this story to a friend Printer friendly page

Win - MS: Outlook flaw riskier than thought
Security Microsoft has raised the severity rating of an Outlook flaw to "critical," the highest level, after its initial analysis was challenged by the researcher who found the security hole.

The vulnerability in Outlook 2002, first publicized on Tuesday, when Microsoft released a patch, could allow an attacker to use a malicious Web site to cause an affected PC to download and execute a program.
Published Mar 10, 2004 - 06:12 PM
comments? Send this story to a friend Printer friendly page

Apple - Mac: eEye finds critical flaw in Apple's QuickTime
Security Security firm eEye Digital Security has discovered critical vulnerabilities in Apple's QuickTime software and in various IBM personal computers which could lead to remote compromise of systems.

Particulars of the vulnerabilities have not been released in keeping with eEye's policy of informing a vendor about a bug and then waiting until a patch is ready before releasing details.
Published Mar 03, 2004 - 03:12 PM
3 Comments Send this story to a friend Printer friendly page

*NIX - UNIX: Study: BSD, OS X Most Secure OSes
Security A study by the mi2g Intelligence Unit reveals that the world's safest and most secure online server Operating System (OS) is proving to be the Open Source family of BSD (Berkley Software Distribution) and the Mac OS X based on Darwin.

The study also reveals that Linux has become the most breached online server OS in the government and non-government spheres for the first time, while the number of successful hacker attacks against Microsoft Windows based servers have fallen consistently for the last ten months.
Published Feb 20, 2004 - 10:15 AM
5 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Security Flaws Latest Case In Wider Problem
Security Serious software security flaws revealed by Microsoft Corp. last week present more troubling evidence that the botched use of a key programming technology has created pervasive cracks in vital components of the Internet developed by a wide array of companies.

The "critical" Windows flaws Microsoft described are rooted in the software giant's use of a standard programming format, known as "abstract syntax notation one," or ASN.1.
Published Feb 18, 2004 - 12:31 PM
2 Comments Send this story to a friend Printer friendly page

Win - MS: First Fallout from Code Leak Hits the Web
Security A security company on Monday alerted clients of a new vulnerability to Internet Explorer 5, one attributed to the recent leak of Microsoft Corp. Windows source code. The quick attack appears to contradict some optimistic expectations that the recent leak of Windows 2000 and NT code would not pose a significant opportunity for hackers.

According to a message posted by SecurityGlobal.net LLC's Security Tracker Web site, a vulnerability was reported in Microsoft Internet Explorer Version 5 that lets a "remote user execute arbitrary code on the target system."
Published Feb 16, 2004 - 03:07 PM
1 Comment Send this story to a friend Printer friendly page

Win - MS: Gartner Questions Microsoft's Commitment To Operating-System Security
Security Research firm Gartner issued a note late Thursday that raises serious questions about Microsoft's internal commitment to rid its operating system of security holes that make worms such as MS Blaster, SQL Slammer, and Code Red possible.

The report from Gartner was spurred by the Abstract Syntax Notation vulnerability which Microsoft made public and issued a corrective patch for earlier this week. The vulnerability affects most every modern version of the Windows operating system and most security experts agree systems that aren't quickly patched are at high risk of hacker attacks or a quick-spreading Internet worm.
Published Feb 13, 2004 - 05:42 PM
3 Comments Send this story to a friend Printer friendly page

Win - MS: Microsoft Warns on Windows Security Flaws
Security Microsoft Corp. warned customers Tuesday about unusually serious security problems with its Windows software that could let hackers quietly break into their computers to steal files, delete data or eavesdrop on sensitive information.

Microsoft, which learned about the flaws more than six months ago from researchers, said the only protective solution was to apply a repairing patch it offered on its Web site.
Published Feb 10, 2004 - 02:34 PM
4 Comments Send this story to a friend Printer friendly page

2003's Most Popular Viruses, and Hacking Tools
Security Viruses, Trojan horses, Worms, Adware, Spyware, and Remote Control programs have overrun computers in 2003 and the forecast for these digital parasites is worse for 2004. Hackers and spammers use all the latest software security holes, worms and trojans to attack many businesses and trick Internet users into revealing their personal and financial information. These constant attacks on private and public systems have become more than just a nuisance, they’ve become an overwhelming financial burden, 10 billion dollars. Listed below are the most commonly used programs Hacker tools, Key Loggers, RAT: (Remote Administration Tool), Spyware, Spyware cookies, Trojans, and Worms from the year 2003.
Published Jan 29, 2004 - 09:58 AM
2 Comments Send this story to a friend Printer friendly page

Win - MS: XP hole could compromise system
Security A hole has been discovered in Windows XP Professional and Home Edition that could compromise a network and be used to get into protected areas.

Reported by bug-finder 'http-equiv' of Malware.com -- who has found several critical holes in Microsoft software previously -- the vulnerability has been described as “moderately critical," which means you can still get a cup of tea before you fix it but don’t have a long lunch.
Published Jan 27, 2004 - 03:38 PM
2 Comments Send this story to a friend Printer friendly page

FSF Server Compromised 11/2, Discovered 12/2
Security On December 1st, 2003, we discovered that the 'Savannah' system, which is maintained by the Free Software Foundation and provides CVS and development services to the GNU project and other Free Software projects, was compromised at circa November 2nd, 2003.

The compromise seems to be of the same nature as the recent attacks on Debian project servers; the attacker seemed to operate identically. However, this incident was distinctly different from the modus operandi we found in the attacks on our FTP server in August 2003.
Published Dec 04, 2003 - 09:45 AM
10 Comments Send this story to a friend Printer friendly page

*NIX - UNIX: Is Linux more secure than Windows, or vice versa?
Security Is Linux more secure than Windows, or vice versa? Fueled by conflicting industry reports, this controversy keeps raging. To arrive at a well-informed opinion on the subject, you need to know as much as you can about what kinds of security measures are actually available for Linux. Moreover, if you're administering Linux already, some implementation tips from Linux security pros can undoubtedly come in handy.
Published Oct 31, 2003 - 10:55 AM
11 Comments Send this story to a friend Printer friendly page

Perception of Linux as Most Secure OS Rises 21%, XP Plummets by 43%
Security Evans Data Corporation's Fall 2003 North American Development Survey has found that Linux has increased its lead in developers' minds as the "most innately secure operating system" from 19% six months ago to 23% today. At the same time, the percentage of developers who said that Windows XP is the most secure dropped by more than 40%, from 14% six months ago to 8% today.
Published Oct 15, 2003 - 04:06 PM
7 Comments Send this story to a friend Printer friendly page

Viruses and Market Dominance - Myth or Fact?
Security An article at The Register, authored by Scott Granneman of SecurityFocus, examines the conventional wisdom that if Linux or Mac OS X were as popular as Windows, there would be just as many viruses written for those platforms. Mr. Granneman bluntly says this is wrong, then proceeds to detail the fundamental differences between those OS's and Windows which make Windows an easy and inviting target for virus-writers, as opposed to the Unix-based platforms.
Published Oct 06, 2003 - 05:43 PM
1 Comment Send this story to a friend Printer friendly page

Blame Who For OS Insecurity?
Security
Contributor: Gary Rogers
:: Open Content

"osViews contributor Gary Rogers takes on News.com.com's Charles Cooper and asks if the responsibility associated with worms, viri and compromised security should lie in the hands of the hackers and hooligans that committed the crime or if the blame should be cast upon the OS or software developers that left the back door open."
---
Published Sep 28, 2003 - 08:38 PM
Read more... (3838 bytes more) 12 Comments Send this story to a friend Printer friendly page

Of Banana's and Apples
Security It may well be that staying with Windows is fairly unhealthy - or not. In any event it is important to think about the risks and benefits (cheap hardware and uniform training) of a computational monoculture. It would be interesting to see what business would do if the events of two weeks ago repeated themselves every few months. You can't blame me for monocultures -- I use OpenBSD.
Published Sep 03, 2003 - 06:07 PM
comments? Send this story to a friend Printer friendly page


Home :: Share Your Story

XML-RSS-RDF :: AvantGo
All logos and trademarks on this site are property of their respective owner.
The comments are property of their posters, written and audio content can be syndicated under the osViews open content license.
The osViews web site and logo are the property of osViews.